37c6d2437375c9bbbd9df5c57a721954_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37c6d2437375c9bbbd9df5c57a721954_JaffaCakes118
Size

483KB
MD5

37c6d2437375c9bbbd9df5c57a721954
SHA1

3c345df1db53d91c823526fd2699eda644dd3c54
SHA256

c10e7971f576feb0a4d5d75a133064e5196256be3aecfcaa8b549605716beabb
SHA512

565d641d9891b5342a3749d2195a4e8853bdac24004511631b0c694a27858a8781fdaf49a776dba734c6a0136e3752809f71a8e79cc3f8769b046643d9a2a0ed
SSDEEP

12288:9tEwT6Fmael0UTYW+NyaqmG93aBjnnte:9tEff93yZh8te

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c6d2437375c9bbbd9df5c57a721954_JaffaCakes118

Files

37c6d2437375c9bbbd9df5c57a721954_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28c99a282a1960d5f9438219b593a5f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindNextUrlCacheEntryW
InternetGoOnlineA
InternetTimeFromSystemTimeW
InternetCloseHandle
FreeUrlCacheSpaceA
HttpSendRequestExW

user32

ShowWindow
GetComboBoxInfo
MessageBoxA
CreateWindowExA
CreateMenu
RegisterClassExA
InsertMenuItemW
MessageBoxIndirectA
RegisterClassA

kernel32

RaiseException
SetLastError
FlushFileBuffers
VirtualQuery
OutputDebugStringW
UnmapViewOfFile
EnumSystemLocalesA
IsValidLocale
GetEnvironmentStringsW
CloseHandle
GetStringTypeA
GetLocaleInfoW
GetSystemTimeAsFileTime
WriteConsoleW
HeapCreate
CompareStringA
GetProcessHeap
UnhandledExceptionFilter
GetCommandLineA
GetEnvironmentStringsA
CreateFileA
VirtualAlloc
WideCharToMultiByte
SetHandleCount
GetStringTypeW
TerminateProcess
SetConsoleCtrlHandler
CopyFileA
RtlUnwind
GetACP
GetLastError
GetPrivateProfileSectionA
Sleep
GetCommandLineW
HeapFree
LoadLibraryA
HeapAlloc
GetCPInfo
GetTimeFormatA
GetOEMCP
GetCurrentProcessId
GetFileType
GetCurrentProcess
IsDebuggerPresent
EnumSystemCodePagesW
FreeLibrary
TlsAlloc
GetLongPathNameW
QueryPerformanceCounter
GetCurrentThread
GetShortPathNameA
LocalSize
CreateMutexA
MultiByteToWideChar
HeapReAlloc
GetLocaleInfoA
GetUserDefaultLCID
DebugBreak
EnterCriticalSection
LoadLibraryW
GetStartupInfoW
GetConsoleMode
WriteFile
IsValidCodePage
WriteConsoleA
InterlockedIncrement
GetCurrentThreadId
DeleteCriticalSection
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetTimeZoneInformation
OutputDebugStringA
ReadFile
LCMapStringA
GetConsoleOutputCP
GetDateFormatA
VirtualFree
GetTickCount
ExitProcess
HeapValidate
GetProcAddress
TlsFree
OpenMutexA
LCMapStringW
SetStdHandle
FreeEnvironmentStringsW
GetStdHandle
GetModuleHandleA
IsBadReadPtr
HeapSize
CompareStringW
GetConsoleCP
InterlockedDecrement
GetModuleFileNameW
InterlockedExchange
lstrlenA
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
GetStartupInfoA
HeapDestroy
InitializeCriticalSectionAndSpinCount
TlsSetValue
SetFilePointer
LeaveCriticalSection

comctl32

InitCommonControlsEx

Sections

.text
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28c99a282a1960d5f9438219b593a5f3

Headers

File Characteristics

Imports

wininet

user32

kernel32

comctl32

Sections

.text Size: 317KB - Virtual size: 317KB

.rdata Size: 60KB - Virtual size: 87KB

.data Size: 92KB - Virtual size: 92KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 317KB - Virtual size: 317KB

.rdata
Size: 60KB - Virtual size: 87KB

.data
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 12KB - Virtual size: 11KB